Today, Bromium released the results of its “Enterprise Security Confidence Report,” a survey of more than 125 information security professionals, focused on the greatest risks facing organizations today, the effectiveness of various security solutions and the priorities for security architectures. As we reported in our press release, the survey found increased concern about legacy solutions […]

News today, Brian Krebs reports of a new Adobe Flash zero-day and its associated critical patch. According to Krebs, Adobe claims the exploit (CVE-2015-3113) is already being used in targeted attacks, so security teams should be on high alert. Adobe has published a security bulletin that indicates systems running Internet Explorer on Windows 7 are […]

The aftermath of the OPM breach is beginning to play out with Congress calling for resignations. The Wall Street Journal reports on official hearings with conflicted testimony. The Chairman of the House Committee on Oversight and GOvernemtn Reform Rep. Jason Chaffetz stated: “I hear, ‘We are doing a great job.’ You are not. It is […]

Do you remember the Y2K problem? In the years before the year 2000 there was huge concern that a wide range of systems would fail because many programs and even compilers used only two digits for the year, and therefore 2000, stored as “00” could be erroneously interpreted as 1900. I won’t go into the […]

Last week we saw another sophisticated attack unearthed by a large security company from its own compromised internal networks (yes, even cyber defenders are fallible). This attack leverages the most dangerous weakness on a system, namely an unknown vulnerability in the “kernel” or core of the operating system. Not surprisingly, spear phishing seems to be […]

In a typical drive-by-download attack scenario the shellcode would download and execute a malware binary. The malware binary is usually wrapped in a dropper that unpacks or de-obfuscates and executes it. Droppers’ main goal is to launch malware without being detected by antiviruses and HIPS. Nowadays the most popular way of covert launching would probably […]

Today Bromium announced the general availability of Bromium Enterprise Controller (BEC), a key component in our architecture to help enterprises achieve security by design. This post is just a brief introduction. I’ll provide more detail shortly. BEC plays a pivotal role in the Bromium architecture for enterprise-wide security. It is a centralized co-ordination “brain” for a […]